Details of VAR-E-201307-0259

ID

VAR-E-201307-0259

CVE

cve_id:	CVE-2013-4877	Trust: 0.3
cve_id:	CVE-2013-4875	Trust: 0.3
cve_id:	CVE-2013-4876	Trust: 0.3
cve_id:	CVE-2013-4874	Trust: 0.3

sources: BID: 61393 // BID: 61394 // BID: 61357 // BID: 61395

TITLE

Verizon Wireless Network Extender CVE-2013-4875 Local Privilege Escalation Vulnerability

Trust: 0.9

sources: BID: 61394 // BID: 61357 // BID: 61395

DESCRIPTION

Verizon Wireless Network Extender is prone to a local privilege-escalation vulnerability.
Successfully exploiting this issue may allow an attacker to execute arbitrary code with elevated privileges and completely compromise the device.
Note: This issue was previously covered in BID 61169 (Verizon Wireless Network Extender Multiple Local Privilege Escalation Vulnerabilities), but has been moved to its own record for better documentation.
Verizon Wireless Network Extender SCS-2U01 is vulnerable.

Trust: 0.9

sources: BID: 61394 // BID: 61357 // BID: 61395

AFFECTED PRODUCTS

vendor:	verizon	model:	wireless network extender scs-2u01	scope:	eq	version:	0	Trust: 0.9
vendor:	verizon	model:	wireless network extender scs-26uc4	scope:	eq	version:	0	Trust: 0.6

sources: BID: 61393 // BID: 61394 // BID: 61357 // BID: 61395

EXPLOIT

The researcher who discovered the issue has provided steps for exploitation. Please see the references for more information.

Trust: 0.9

sources: BID: 61394 // BID: 61357 // BID: 61395

PRICE

Free

Trust: 0.9

sources: BID: 61394 // BID: 61357 // BID: 61395

TYPE

Unknown

Trust: 0.9

sources: BID: 61393 // BID: 61394 // BID: 61395

CREDITS

Doug DePerry and Tom Ritter of iSEC Partners

Trust: 0.9

sources: BID: 61394 // BID: 61357 // BID: 61395

EXTERNAL IDS

db:	CERT/CC	id:	VU#458007	Trust: 1.2
db:	NVD	id:	CVE-2013-4877	Trust: 0.3
db:	BID	id:	61393	Trust: 0.3
db:	NVD	id:	CVE-2013-4875	Trust: 0.3
db:	BID	id:	61394	Trust: 0.3
db:	NVD	id:	CVE-2013-4876	Trust: 0.3
db:	BID	id:	61357	Trust: 0.3
db:	NVD	id:	CVE-2013-4874	Trust: 0.3
db:	BID	id:	61395	Trust: 0.3

sources: BID: 61393 // BID: 61394 // BID: 61357 // BID: 61395

REFERENCES

url:	http://www.verizonwireless.com/b2c/device/network-extender?	Trust: 1.2
url:	http://www.kb.cert.org/vuls/id/458007	Trust: 1.2

sources: BID: 61393 // BID: 61394 // BID: 61357 // BID: 61395

SOURCES

db:	BID	id:	61393
db:	BID	id:	61394
db:	BID	id:	61357
db:	BID	id:	61395

LAST UPDATE DATE

2022-07-27T09:45:14.142000+00:00

SOURCES UPDATE DATE

db:	BID	id:	61393	date:	2013-07-15T00:00:00
db:	BID	id:	61394	date:	2013-07-15T00:00:00
db:	BID	id:	61357	date:	2013-07-16T00:00:00
db:	BID	id:	61395	date:	2013-07-15T00:00:00

SOURCES RELEASE DATE

db:	BID	id:	61393	date:	2013-07-15T00:00:00
db:	BID	id:	61394	date:	2013-07-15T00:00:00
db:	BID	id:	61357	date:	2013-07-16T00:00:00
db:	BID	id:	61395	date:	2013-07-15T00:00:00